Safeguarding your network: preventing network break-ins in your company.Is your network safe from intruders? Probably not, according to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. a recent survey conducted by the Computer Security Institute and the FBI. Over 40% of the respondents acknowledged that they had experienced unauthorized use of their computer systems in the past year. From password guessing to data diddling (altering of data in an unauthorized manner), the depth and frequency of these attacks is alarming. Forty-five percent of the companies that were attacked experienced between one to five security-related incidents in the past year. Mike Tuyo, a systems architect at Object Oriented See object technology and object-oriented programming. Information Systems in Brookline, Massachusetts Brookline is a town in Norfolk County, Massachusetts, which borders on the cities of Boston and Newton. As of the 2000 census, the population of the town was 57,107. Etymology Brookline was known as the hamlet of Muddy River , isn't surprised by these numbers. "We get an average of one attack per month of people snooping and trying to break in," says Tuyo, citing password guessing as the most frequent type of intrusion. He admits to tWo cases where hackers were successful at his company but only because the victims had chosen obvious passwords. In these cases, log-in names were first names and passwords, last names. Twenty-one percent of the respondents didn't know how many attempts had been made to infiltrate infiltrate /in·fil·trate/ (in-fil´trat) 1. to penetrate the interstices of a tissue or substance. 2. the material or solution so deposited. in·fil·trate v. 1. their networks. This can be done a variety of ways, including: password guessing, data diddling, virus implementation, IP spoofing Inserting the IP address of an authorized user into the transmission of an unauthorized user in order to gain illegal access to a computer system. Routers and other firewall implementations can be programmed to identify this discrepancy. See firewall. (address forging), sniffing (password monitoring) and scanning (e.g., programs that probe for network vulnerabilities or dial telephone numbers to identify the ones connected to modems). "Most people don't even think of these problems," says Richard Power Richard Power may refer to:
CSI CompuServe, Inc. CSI Commodity Systems, Inc. CSI Commodity Systems Inc. (Boca Raton, FL) CSI Crime Scene Investigation (CBS TV show) CSI Christian Schools International , who edited the survey. One of the best ways to monitor whether someone has broken into your system is to check the logs or audit trail kept by most operating systems Operating systems can be categorized by technology, ownership, licensing, working state, usage, and by many other characteristics. In practice, many of these groupings may overlap. or applications. At the bare minimum, you can look through these and see who's accessing what server and when. No one should be logging into the network through the account of an employee who is on vacation On Vacation was The Robot Ate Me's third album, released in 2004 by the band's frontman, Ryland Bouchard's label Swim Slowly Records, then reissued in 2005 by 5 Rue Christine. or who has left the company. Other signs to look for are active accounts that aren't assigned to anyone and numerous failed password attempts. Third-party software solutions can provide an added level of security to your network. AutitTrack, a software package for Novell Netware (operating system, networking) Novell NetWare - Novell, Inc.'s proprietary networking operating system for the IBM PC. NetWare uses the IPX/SPX, NetBEUI or TCP/IP network protocols. It supports MS-DOS, Microsoft Windows, OS/2, Macintosh and Unix clients. LANs from On Technology Corp., monitors server activity. It can record who's accessing confidential files, logging in A colloquial term for the process of making the initial record of the names of individuals who have been brought to the police station upon their arrest. The process of logging in is also called booking. at night, deleting important files or changing security levels (800-767-6683; $595 for 25 users). According to the survey, 80% of information security problems are due to insiders, and are often unintentional. "No security in and of itself will solve the most important problems, which are human problems," says Power. Hackers have been known to call companies and solicit valuable information under false pretenses False representations of material past or present facts, known by the wrongdoer to be false, and made with the intent to defraud a victim into passing title in property to the wrongdoer. . This problem could be solved by instituting a data classification scheme so that people answering phones would know not to release proprietary information to unauthorized persons. However, common sense will preclude many security problems. Do not give out any proprietary information over the telephone or through unprotected electronic mail. Access to your network should be given only to permanent employees who need to use the data for daily work. Passwords should be changed frequently and encrypted when used. Importation of viruses can be avoided by receiving information only through points of entry monitored by anti-virus software anti-virus software n → Antivirensoftware f . V-Net, from SecureNet Technologies, blocks viruses by creating a "shield" on each computer. When you first use a floppy, V-Net scans it, certifies it as virus-free and writes an invisible signature on that disk. Better still, V-Net not only identifies viruses, it stops them (800-673-3539). Nearly 40% of the respondents reported frequent incidents through both remote dial-in and Internet connections. Some intruders enter network systems from the Internet through ports, openings in the network system through which information and programs travel. Normally, systems administrators block access points to the network so intruders can't log in and copy proprietary information or alter data. But sometimes these supervisors miss access points, and that's when problems arise. Hackers often monitor these access points and will exploit systems that are not carefully protected. Installing a firewall is the most common way to safeguard a network from outside intruders. A firewall is a dedicated PC that stands between a company's internal network and the outside world. For information to come into the internal network it must pass the firewall, which can be customized to authorize or deny access to company information. It's also important to have written policies on how to deal with 'network intrusions, although half the respondents didn't. And nearly two-thirds had no policies for preserving evidence for criminal or civil proceedings. Such policies are vital because there will never be protection against a sufficiently ingenious and technically adept employee with malicious intentions, says Archie Mills Jr., who heads a software development team for a missile defense system Noun 1. missile defense system - naval weaponry providing a defense system missile defence system naval weaponry - weaponry for warships at Rockwell Aerospace. On the other hand, it's difficult to prosecute some of the outside attacks because there is very little legislation in the computer security area. "I could be in the Netherlands and attack a system in Boston. How are you going to prosecute me?" asks Tuyo. The bottom line: always take preventative measures to protect your company's information before someone takes advantage of your negligence (For more information, see "Network Watch-dogs," also on this page). |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion